Overview MetaDefender Sandbox API Reference Release Notes
Getting Started
Deployment & Usage
Support
Installation
3.0.0
Search this version
Installation
Installation
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Domains Contacted During Installation & Operation
Copy Markdown
Open in ChatGPT
Open in Claude
During the installation and operation of MetaDefender Aether (previously known as MetaDefender Sandbox), the following domains will be contacted. Please note that this may change over time.
| Domains | Purpose | Usage Type | MetaDefender Aether Layer |
|---|---|---|---|
| api.metadefender.com | MetaDefender Cloud Reputation API | Operation | Layer 1 - Threat Reputation Layer 4 - Threat Hunting |
| OPSWAT Activation Server and Update Infrastructure - Used for product activation and for downloading threat database updates | Operation | Layer 1 - Threat Reputation Layer 2 - Dynamic Analysis Layer 3 - Threat Scoring | |
| my.opswat.com | MyOPSWAT Portal used for OCM Integration | Operation | N/A |
| Microsoft Container Registry and repository for .NET packages - Used by the Powershell emulator | Installation | N/A | |
| Repositories of Ubuntu and Debian packages (can be any regional or local mirror) - Used directly for Ubuntu installations and used in Docker containers for both Ubuntu and RHEL installs | Installation | N/A | |
| Used for Docker installation and downloading base images for Sandbox components | Installation | N/A | |
| Python package repositories - Used when building the Docker image for the Sandbox webservice component | Installation | N/A | |
| Fedora’s geographically optimized mirror server that hosts Fedora packages | Installation | N/A | |
| Used for downloading phishpedia package from artifact.sandbox-prod.metadefender.com - Required for phishing detection ML model | Installation | N/A | |
| Used for downloading Google Chrome - Required for URL rendering in the Sandbox transform Docker container | Installation | N/A | |
| github.com | Used for getting YARA rules from OPSWAT fsYara repository: https://github.com/filescanio/fsYara | Operation | Layer 2 - Dynamic Analysis |
| Used for basic connectivity check | Installation | N/A | |
| NTP and time servers | Operation | N/A | |
| pki.goog | Google Public Key Infrastructure | Installation Operation | N/A |
| playwright.azureedge.net | Used for installing playwright in the Sandbox webservice docker image | Installation | N/A |
| rhui.us-west-2.aws.ce.redhat.com | RHEL package repository (can be any regional or local mirror) | Installation | N/A |
For convenience, the same domains are also listed here:
Domains
api.metadefender.comopswat.comupdate.dl.opswat.comactivation.dl.opswat.commy.opswat.comapi.nuget.orgdata.mcr.microsoft.commcr.microsoft.com packages.microsoft.coma-0016.a-msedge.netarchive.ubuntu.comdeb.debian.orgdebian.map.fastlydns.netsecurity.ubuntu.comauth.docker.iodocker.iodownload.docker.comregistry-1.docker.ioproduction.cloudflare.docker.combootstrap.pypa.iofiles.pythonhosted.orgpypi.orgcodecs.fedoraproject.orgmirrors.fedoraproject.orgd2h67oheeuigaw.cloudfront.netd2lzkl7pfhq30w.cloudfront.netartifact.sandbox-prod.metadefender.comdl-ssl.google.comdl.google.comgithub.comgoogle.comwww.google.comntp.ubuntu.comtime-a-g.nist.govtime-a.nist.govpki.googplaywright.azureedge.netrhui.us-west-2.aws.ce.redhat.comType to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Last updated on
Was this page helpful?
Next to read:
Installed PackagesSee the "Technical Datasheet" for a complete list of features: https://docs.opswat.com/filescan/datasheet/technical-datasheet
Discard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message
